| |
| |||||||
Log-Analyse und Auswertung: Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
14.02.2011, 19:28
| #1 |
| |  Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. Hallo an alle, mein PC startete zwar, aber es kam nach dem booten nur der Wallpaper im Hintergrund. Der Desktop selbst blieb leer. Unter`m Taskmanager sah ich, dass der Explorer.exe nicht gestartet wurde..schätzungsweise hatte ich einen Trojaner, oder Malware drauf, was meine Progamme mir bestätigten (AVAST,Spybot Search and Destroy,Malwarebytes' Anti-Malware). Nach der Anleitung von Larusso hier aus dem Board http://www.trojaner-board.de/89918-l...e-larusso.html läuft nun mein PC wieder normal... so der Anschein. Kann einer von euch bitte die Logfiles anschauen und mir sagen, ob da noch was im Argen liegt? Wäre euch unendlich dankbar!!
Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5754
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
13.02.2011 20:39:52
mbam-log-2011-02-13 (20-39-52).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 173087
Laufzeit: 5 Minute(n), 11 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\userinit.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Explorer (Trojan.Agent) -> Value: Explorer -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\dokumente und einstellungen\administrator\startmenü\programme\autostart\nokul.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\default user\startmenü\programme\autostart\leuwn.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\srvzmon.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:45 on 13/02/2011 (User)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
|
|
14.02.2011, 19:34
| #2 |
| | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. Weitere Logs:
__________________
Code:
ATTFilter GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-02-14 07:16:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-10 WDC_WD5000AADS-00S9B0 rev.01.00A01
Running: g2m3e4r.exe; Driver: C:\DOKUME~1\User\LOKALE~1\Temp\pgtdapob.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xAF5B8728]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xAF5BF7EA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xAF5BF6A2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xAF5BFCA8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xAF5BFBBE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xAF5BF276]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xAF5B87D8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xAF5BF77E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xAF5BF1B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xAF5BF218]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xAF5B8870]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xAF5BF8C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xAF5BFD76]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xAF5BF880]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xAF5BFA04]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAF5CC82E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xAF5CC652]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xAF5CC78C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 23E8 80501C20 2 Bytes JMP A0AF5BF7
.text ntkrnlpa.exe!ZwCallbackReturn + 2494 80501CCC 2 Bytes [76, F2] {JBE 0xfffffffffffffff4}
PAGE ntkrnlpa.exe!ZwLoadDriver 8057969A 7 Bytes JMP AF5CC790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 805A0816 7 Bytes JMP AF5CC656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B1DB4 5 Bytes JMP AF5C81EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B8C2C 5 Bytes JMP AF5C9C88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805C74CC 7 Bytes JMP AF5CC832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xB8A19900]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\brsvc01a.exe[328] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[752] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[984] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[996] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Alwil Software\Avast5\AvastSvc.exe[1752] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
|
|
14.02.2011, 19:40
| #3 |
| | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..
Code:
ATTFilter .text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe[2116] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe[2116] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[2860] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 41195501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 4126DB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4136502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 41364F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 41364FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 41364E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 41364E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 41365092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 41364EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\WINDOWS\system32\umonit.exe[3616] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 41195501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 41269B15 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 4125D16D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 4126DB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 411D4666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 4136502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 41364F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 41364FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 41364E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 41364E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 41365092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 41364EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ole32.dll!CoCreateInstance 774CF1AC 5 Bytes JMP 4126DBC8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ole32.dll!OleLoadFromStream 774F981B 5 Bytes JMP 413653B0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC]
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
|
|
14.02.2011, 19:42
| #4 |
| | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..
Code:
ATTFilter .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC] .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC] .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC] .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC] .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC] .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC] .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe[4068] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe[4068] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 0056DBBD C:\Programme\Windows Live\Messenger\MsnMsgr.Exe (Windows Live Messenger/Microsoft Corporation) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC] .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC] .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ntdll.dll!LdrUnloadDll 7C9271CD 5 Bytes JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!SetServiceObjectSecurity 77E06D81 5 Bytes JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigA 77E06E69 3 Bytes JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigA + 4 77E06E6D 1 Byte [EC] .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigW 77E07001 3 Bytes JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigW + 4 77E07005 1 Byte [EC] .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfig2A 77E07101 5 Bytes JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfig2W 77E07189 5 Bytes JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!CreateServiceA 77E07211 5 Bytes JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!CreateServiceW 77E073A9 5 Bytes JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!DeleteService 77E074B1 5 Bytes JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis) AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x6E 0xA4 0x55 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x45 0x59 0xDD 0x78 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xED 0xF0 0xD3 0x60 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE3 0x81 0xF6 0x94 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB8 0x2D 0x1E 0x5D ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8C 0x2A 0x15 0xC3 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12 0x2A 0x2A 0xBC 0x6C ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12 0xF1 0x05 0xE2 0x9B ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x6E 0xA4 0x55 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x45 0x59 0xDD 0x78 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xED 0xF0 0xD3 0x60 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE3 0x81 0xF6 0x94 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB8 0x2D 0x1E 0x5D ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8C 0x2A 0x15 0xC3 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12 0x2A 0x2A 0xBC 0x6C ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12 0x0E 0x0F 0x9B 0xA4 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x6E 0xA4 0x55 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x45 0x59 0xDD 0x78 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xED 0xF0 0xD3 0x60 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE3 0x81 0xF6 0x94 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB8 0x2D 0x1E 0x5D ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8C 0x2A 0x15 0xC3 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12 0x2A 0x2A 0xBC 0x6C ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12 0xB3 0x71 0x49 0xC4 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x6E 0xA4 0x55 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x45 0x59 0xDD 0x78 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xED 0xF0 0xD3 0x60 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE3 0x81 0xF6 0x94 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB8 0x2D 0x1E 0x5D ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8C 0x2A 0x15 0xC3 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12 0x2A 0x2A 0xBC 0x6C ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12 0xF1 0x05 0xE2 0x9B ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x6E 0xA4 0x55 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x45 0x59 0xDD 0x78 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xED 0xF0 0xD3 0x60 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE3 0x81 0xF6 0x94 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB8 0x2D 0x1E 0x5D ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8C 0x2A 0x15 0xC3 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12 0x2A 0x2A 0xBC 0x6C ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12 0xF1 0x05 0xE2 0x9B ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service@LogSessionName stdout Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service@Active 1 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service@ControlFlags 1 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ApiTraceGuid Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ApiTraceGuid@Guid 485e7de9-0a80-11d8-ad15-505054503030 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ApiTraceGuid@BitNames API_TRACE_IO Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\DriverProcessTraceGuid Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\DriverProcessTraceGuid@Guid 485e7ded-0a80-11d8-ad15-505054503030 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\DriverProcessTraceGuid@BitNames DP_TRACE_API DP_TRACE_DDI DP_TRACE_GENERAL DP_TRACE_OBJECT DP_TRACE_POOL DP_TRACE_DRIVER DP_TRACE_DEVICE DP_TRACE_REQUEST DP_TRACE_FILEOBJECT DP_TRACE_IO DP_TRACE_PNP DP_TRACE_MEMORY DP_TRACE_IOTARGET DP_TRACE_FUNC DP_TRACE_STRING Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\MgrTraceGuid Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\MgrTraceGuid@Guid 485e7dea-0a80-11d8-ad15-505054503030 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\MgrTraceGuid@BitNames MGR_TRACE_MGR MGR_TRACE_SERVICE_KEY MGR_TRACE_DEVNODE MGR_TRACE_PROCESS Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ProcessHelperTraceGuid Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ProcessHelperTraceGuid@Guid 485e7dec-0a80-11d8-ad15-505054503030 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ProcessHelperTraceGuid@BitNames PROCHELP_TRACE_EVENT PROCHELP_TRACE_QUERY Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\RpcTraceGuid Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\RpcTraceGuid@Guid 485e7de8-0a80-11d8-ad15-505054503030 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\RpcTraceGuid@BitNames RPC_TRACE_AUTHENTICATION RPC_TRACE_SERVER RPC_TRACE_CLIENT RPC_TRACE_GENERAL Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\TestTraceGuid Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\TestTraceGuid@Guid 485e7deb-0a80-11d8-ad15-505054503030 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\TestTraceGuid@BitNames TEST_TRACE_GENERAL TEST_TRACE_APP TEST_TRACE_TSTDRIVER TEST_TRACE_FLTRDRIVER ---- EOF - GMER 1.0.15 ---- |
|
14.02.2011, 19:43
| #5 |
| | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..
Code:
ATTFilter OTL logfile created on: 14.02.2011 07:18:01 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Dokumente und Einstellungen\User\Desktop\MFTools Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free 3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): C:\pagefile.sys 1488 2976 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 177,93 Gb Total Space | 150,80 Gb Free Space | 84,75% Space Free | Partition Type: NTFS Drive D: | 287,83 Gb Total Space | 259,90 Gb Free Space | 90,29% Space Free | Partition Type: NTFS Computer Name: ** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.13 20:12:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\MFTools\OTL.exe PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe PRC - [2010.12.10 13:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010.10.02 21:20:00 | 004,537,280 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe PRC - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.01.22 13:53:32 | 002,326,920 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe PRC - [2009.11.20 19:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.09.12 18:09:48 | 000,357,800 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe PRC - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe PRC - [2009.09.12 18:09:14 | 005,082,488 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2009.09.05 17:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe PRC - [2008.06.29 23:01:01 | 000,052,168 | ---- | M] (Elaborate Bytes AG) -- C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe PRC - [2008.06.24 15:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008.06.24 15:05:56 | 000,537,896 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe PRC - [2008.05.17 07:21:33 | 000,072,704 | ---- | M] (Autodata Limited) -- C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.02.21 02:35:02 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2006.10.19 12:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe PRC - [2005.11.21 11:34:24 | 000,081,920 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE PRC - [2005.08.06 02:31:16 | 000,053,248 | ---- | M] (General) -- C:\WINDOWS\system32\umonit.exe PRC - [2004.10.14 08:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2003.01.30 17:49:20 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe PRC - [2002.09.20 13:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe PRC - [2002.04.11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe PRC - [2001.12.12 23:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe PRC - [2000.06.29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\Crypserv.exe ========== Modules (SafeList) ========== MOD - [2011.02.13 20:12:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\MFTools\OTL.exe MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\snxhk.dll MOD - [2010.08.23 17:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010.02.04 19:17:27 | 000,129,984 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\ADvdDiscHlp.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (gupdate) Google Update Service (gupdate) SRV - File not found [Disabled | Stopped] -- -- (Fun4IM Coordinator) SRV - File not found [Auto | Stopped] -- -- (AMService) SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010.12.10 13:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.01.22 13:53:32 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2008.06.24 15:05:56 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2008.05.17 07:21:33 | 000,072,704 | ---- | M] (Autodata Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service) SRV - [2007.12.12 17:32:20 | 001,253,568 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe -- (SandraTheSrv) SRV - [2007.12.12 17:31:58 | 000,213,176 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv) SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007.02.21 02:35:02 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2006.10.19 12:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2005.11.21 11:34:24 | 000,081,920 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service) SRV - [2005.11.21 10:48:06 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe -- (de_serv) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) SRV - [2003.01.30 17:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm09.exe -- (Pml Driver) SRV - [2002.09.20 13:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) SRV - [2002.04.11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service) SRV - [2000.06.29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License) ========== Driver Services (SafeList) ========== DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011.01.13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011.01.13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010.09.30 22:25:16 | 000,030,376 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2010.09.14 14:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2010.01.22 13:53:34 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp) DRV - [2010.01.22 13:53:25 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm251.sys -- (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) DRV - [2010.01.22 13:53:21 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2010.01.22 13:53:10 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2009.11.20 19:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2009.11.20 19:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2008.07.17 01:12:47 | 000,028,672 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone) DRV - [2008.04.19 07:15:59 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008.04.18 19:32:38 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008.04.13 19:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf) DRV - [2008.03.22 17:08:08 | 000,020,520 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2008.03.22 17:08:08 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2007.04.10 20:30:16 | 000,018,304 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp) DRV - [2007.04.10 20:09:08 | 000,321,024 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315) DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006.12.20 05:00:00 | 000,041,600 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP) DRV - [2006.11.02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr) DRV - [2006.05.18 02:49:02 | 000,061,067 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2006.05.18 02:48:50 | 000,047,249 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2005.08.06 02:31:16 | 000,006,656 | ---- | M] (Genesys Logic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fixustor.sys -- (fixustor) DRV - [2005.03.01 05:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2004.09.14 05:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) DRV - [2003.03.14 12:36:08 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2003.01.30 17:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphid409.sys -- (Dot4 HPH09) DRV - [2003.01.30 17:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09) DRV - [2003.01.30 17:55:44 | 000,018,864 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphius09.sys -- (Dot4Usb HPH09) DRV - [2003.01.30 17:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphipr09.sys -- (Dot4Print HPH09) DRV - [2001.08.17 12:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn) Brother MFC-Scannertreiber (USB) DRV - [2001.08.17 12:12:20 | 000,060,416 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerWdm.sys -- (BrSerWDM) Brother-Treiber (seriell) DRV - [2001.08.17 12:12:20 | 000,011,008 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbMdm.sys -- (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB) DRV - [2001.08.17 12:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt) DRV - [2000.02.03 20:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.internetscout.biz/google/?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.internetscout.info/google/iesearch.php IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.internetscout.biz/google/?q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.internetscout.info/google/iesearch.php IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.0.1:80 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/402" FF - prefs.js..network.proxy.ftp: "192.168.0.1" FF - prefs.js..network.proxy.ftp_port: 80 FF - prefs.js..network.proxy.gopher: "192.168.0.1" FF - prefs.js..network.proxy.gopher_port: 80 FF - prefs.js..network.proxy.http: "192.168.0.1" FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "192.168.0.1" FF - prefs.js..network.proxy.socks_port: 80 FF - prefs.js..network.proxy.ssl: "192.168.0.1" FF - prefs.js..network.proxy.ssl_port: 80 FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&systemid=402&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{383E62E4-22D3-4C83-B1A9-56DAD04C4D78}: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\{383E62E4-22D3-4C83-B1A9-56DAD04C4D78} [2011.01.26 19:44:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.21 18:28:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.02.11 19:56:24 | 000,000,000 | ---D | M] [2010.05.28 18:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions [2010.05.28 18:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2011.01.28 18:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\extensions [2010.04.04 11:07:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.01.29 18:50:10 | 000,000,000 | ---D | M] (Fun4IM for Firefox) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\extensions\firefox@bandoo.com [2010.10.28 09:41:02 | 000,005,529 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\searchplugins\SearchquWebSearch.xml [2011.01.28 18:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.28 09:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml [2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.01.30 18:45:44 | 000,429,314 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 192.168.178.20 HP00187161063B O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 14779 more lines... O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [CloneCDTray] C:\Programme\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NUSB3MON] C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation) O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [UMonit] C:\WINDOWS\system32\umonit.exe (General) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk = C:\Programme\ERUNT\AUTOBACK.EXE () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188718248281 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - Unable to read "AutoRun" value or value not present! O32 - AutoRun File - [2007.09.01 16:48:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.07.15 20:46:53 | 000,000,702 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{5a160194-de85-11df-bc20-001bb9a114ac}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe O33 - MountPoints2\{68066153-50b7-11dd-824f-001167adddfa}\Shell\AutoRun\command - "" = J:\Web'n'walk_Helper.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: SSHNAS - File not found MsConfig - Services: "Fun4IM Coordinator" MsConfig - Services: "gupdate" MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 2 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 0 CREATERESTOREPOINT Restore point Set: OTL Restore Point (56308606093492224) ========== Files/Folders - Created Within 30 Days ========== [2011.02.13 20:45:38 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent [2011.02.13 20:43:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011.02.13 20:23:32 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT [2011.02.13 20:23:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ERUNT [2011.02.13 20:11:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\MFTools [2011.02.12 12:09:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Registry Mechanic [2011.02.12 12:03:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Promosoft Corporation [2011.02.12 11:30:21 | 000,000,000 | ---D | C] -- C:\WINDOWS.0 [2011.02.12 11:29:16 | 000,000,000 | ---D | C] -- C:\Programme\Free Window Registry Repair [2011.02.12 11:21:45 | 000,000,000 | ---D | C] -- C:\Programme\Magical Jelly Bean [2011.02.12 11:21:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\KeyFinder [2011.02.12 10:04:56 | 000,116,736 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll [2011.02.12 10:04:52 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll [2011.02.12 10:04:39 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe [2011.02.12 10:04:35 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys [2011.02.12 10:04:11 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys [2011.02.12 10:04:08 | 000,035,402 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys [2011.02.12 10:03:59 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys [2011.02.12 10:03:40 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys [2011.02.12 10:03:29 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys [2011.02.12 10:03:25 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys [2011.02.12 10:03:21 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys [2011.02.12 10:03:13 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys [2011.02.12 10:03:09 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys [2011.02.12 10:03:05 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys [2011.02.12 10:03:01 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys [2011.02.12 10:02:46 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys [2011.02.12 10:02:31 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys [2011.02.12 10:02:27 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys [2011.02.12 10:02:23 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys [2011.02.12 10:02:18 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys [2011.02.12 10:01:59 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll [2011.02.12 10:01:45 | 000,212,480 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll [2011.02.12 10:01:41 | 000,216,576 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll [2011.02.12 10:01:27 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys [2011.02.12 10:01:23 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll [2011.02.12 10:01:20 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys [2011.02.12 10:01:16 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll [2011.02.12 10:01:13 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys [2011.02.12 10:01:09 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll [2011.02.12 10:00:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys [2011.02.12 10:00:32 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys [2011.02.12 10:00:28 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll [2011.02.12 10:00:27 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys [2011.02.12 10:00:22 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys [2011.02.12 10:00:19 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys [2011.02.12 10:00:06 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys [2011.02.12 10:00:03 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll [2011.02.12 09:59:21 | 000,159,744 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll [2011.02.12 09:59:17 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll [2011.02.12 09:59:14 | 000,287,232 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys [2011.02.12 09:59:10 | 000,017,152 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys [2011.02.12 09:59:04 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys [2011.02.12 09:58:45 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys [2011.02.12 09:58:04 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys [2011.02.12 09:58:00 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll [2011.02.12 09:57:56 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys [2011.02.12 09:57:53 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys [2011.02.12 09:57:50 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys [2011.02.12 09:57:26 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys [2011.02.12 09:57:22 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys [2011.02.12 09:57:19 | 000,095,178 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys [2011.02.12 09:57:12 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys [2011.02.12 09:56:49 | 000,161,888 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys [2011.02.12 09:56:46 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys [2011.02.12 09:56:43 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys [2011.02.12 09:56:40 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll [2011.02.12 09:56:13 | 000,017,792 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys [2011.02.12 09:56:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys [2011.02.12 09:56:03 | 000,024,192 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys [2011.02.12 09:55:49 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys [2011.02.12 09:55:46 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll [2011.02.12 09:55:43 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys [2011.02.12 09:55:39 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll [2011.02.12 09:55:36 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll [2011.02.12 09:55:33 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll [2011.02.12 09:55:30 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys [2011.02.12 09:55:27 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll [2011.02.12 09:55:24 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys [2011.02.12 09:55:17 | 000,083,968 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll [2011.02.12 09:55:14 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll [2011.02.12 09:55:11 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll [2011.02.12 09:55:10 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll [2011.02.12 09:54:55 | 000,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys [2011.02.12 09:54:51 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys [2011.02.12 09:52:49 | 000,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys [2011.02.12 09:52:46 | 000,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys [2011.02.12 09:52:17 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys [2011.02.12 09:52:14 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys [2011.02.12 09:52:11 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys [2011.02.12 09:51:59 | 000,016,384 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys [2011.02.12 09:51:12 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe [2011.02.12 09:50:59 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys [2011.02.12 09:50:58 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys [2011.02.12 09:50:56 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys [2011.02.12 09:50:15 | 000,054,730 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys [2011.02.12 09:50:09 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys [2011.02.12 09:50:05 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys [2011.02.12 09:49:48 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys [2011.02.12 09:20:11 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys [2011.02.12 09:20:07 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys [2011.02.12 09:20:02 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys [2011.02.12 09:19:54 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys [2011.02.12 09:19:51 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll [2011.02.12 09:19:43 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll [2011.02.12 09:19:40 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys [2011.02.12 09:19:38 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys [2011.02.12 09:19:35 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll [2011.02.12 09:19:32 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys [2011.02.12 09:19:29 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll [2011.02.12 09:19:20 | 000,076,288 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys [2011.02.12 09:19:18 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll [2011.02.12 09:19:15 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys [2011.02.12 09:19:11 | 000,020,480 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll [2011.02.12 09:19:08 | 000,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys [2011.02.12 09:18:28 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys [2011.02.12 09:17:54 | 000,164,970 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys [2011.02.11 21:39:46 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys [2011.02.11 21:39:43 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys [2011.02.11 21:39:42 | 000,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys [2011.02.11 21:39:39 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys [2011.02.11 21:39:39 | 000,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys [2011.02.11 21:39:36 | 000,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys [2011.02.11 21:39:27 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys [2011.02.11 21:39:25 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys [2011.02.11 21:39:22 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys [2011.02.11 21:39:19 | 000,016,256 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys [2011.02.11 21:39:15 | 000,026,506 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys [2011.02.11 21:39:12 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys [2011.02.11 21:38:16 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys [2011.02.11 21:37:25 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll [2011.02.11 21:35:40 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll [2011.02.11 21:35:31 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll [2011.02.11 21:35:04 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys [2011.02.11 21:35:02 | 000,082,560 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys [2011.02.11 21:34:59 | 000,017,792 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys [2011.02.11 21:34:46 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys [2011.02.11 21:34:34 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys [2011.02.11 21:34:32 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys [2011.02.11 21:34:27 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys [2011.02.11 21:34:24 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys [2011.02.11 21:34:21 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys [2011.02.11 21:34:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys [2011.02.11 21:34:02 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys [2011.02.11 21:33:57 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys [2011.02.11 21:33:56 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys [2011.02.11 21:32:28 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys [2011.02.11 21:32:23 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys [2011.02.11 21:32:18 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys [2011.02.11 21:32:16 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys [2011.02.11 21:32:14 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys [2011.02.11 21:32:09 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe [2011.02.11 21:32:08 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll [2011.02.11 21:32:06 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll [2011.02.11 21:32:04 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys [2011.02.11 21:31:43 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys [2011.02.11 21:31:42 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys [2011.02.11 21:31:33 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys [2011.02.11 21:31:10 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys [2011.02.11 21:31:09 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys [2011.02.11 21:31:08 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys [2011.02.11 21:31:07 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys [2011.02.11 21:31:06 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys [2011.02.11 21:31:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys [2011.02.11 21:31:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys [2011.02.11 21:31:01 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll [2011.02.11 21:30:53 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll [2011.02.11 21:30:39 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys [2011.02.11 21:30:30 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys [2011.02.11 21:30:22 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys [2011.02.11 21:30:21 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys [2011.02.11 21:30:21 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys [2011.02.11 21:30:20 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys [2011.02.11 21:30:19 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys [2011.02.11 21:30:16 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys [2011.02.11 21:30:11 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys [2011.02.11 21:30:10 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys [2011.02.11 21:30:10 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys [2011.02.11 21:30:08 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll [2011.02.11 21:30:07 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys [2011.02.11 21:29:30 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys [2011.02.11 21:29:28 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys [2011.02.11 21:29:28 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys [2011.02.11 21:29:25 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys [2011.02.11 21:29:24 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys [2011.02.11 21:29:16 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys [2011.02.11 21:29:12 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll [2011.02.11 21:29:12 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys [2011.02.11 21:29:11 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys [2011.02.11 21:29:10 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys [2011.02.11 21:29:09 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys [2011.02.11 21:29:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll [2011.02.11 21:29:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll [2011.02.11 21:27:06 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys [2011.02.11 21:26:26 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys [2011.02.11 20:48:50 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys [2011.02.11 20:48:38 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys [2011.02.11 20:48:37 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys [2011.02.11 20:48:37 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys [2011.02.11 20:48:36 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys [2011.02.11 20:48:34 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll [2011.02.11 20:48:30 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll [2011.02.11 20:48:27 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll [2011.02.11 20:48:27 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys [2011.02.11 20:48:26 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys [2011.02.11 19:56:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Tygo [2011.02.11 19:56:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Real [2011.02.09 18:55:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Foymfe [2011.01.30 09:47:03 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Dokumente und Einstellungen\User\Desktop\setup-spybotsd162.exe [2011.01.29 18:50:11 | 000,000,000 | -H-D | C] -- C:\RestorPoint [2011.01.28 18:52:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bandoo [2011.01.28 18:51:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fun4IM [2011.01.27 17:04:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Adobe [2011.01.27 17:03:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia [2011.01.27 17:03:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe [2011.01.27 17:03:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Sun [2011.01.26 19:55:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader [2011.01.26 19:54:50 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader [2011.01.26 19:44:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\{383E62E4-22D3-4C83-B1A9-56DAD04C4D78} [2011.01.26 18:34:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\TomTom [2011.01.26 18:34:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Startmenü\Programme\TomTom [2011.01.26 18:34:38 | 000,000,000 | ---D | C] -- C:\Programme\TomTom International B.V [2011.01.24 12:20:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google [3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.14 06:43:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.02.14 00:43:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.02.13 20:47:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.02.13 20:46:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.02.13 20:45:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm [2011.02.13 20:45:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm [2011.02.13 20:45:23 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\User\defogger_reenable [2011.02.13 20:40:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm [2011.02.13 20:40:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm [2011.02.13 20:23:41 | 000,000,793 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk [2011.02.13 20:23:32 | 000,000,637 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\NTREGOPT.lnk [2011.02.13 20:23:32 | 000,000,618 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\ERUNT.lnk [2011.02.13 20:18:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm [2011.02.13 20:18:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm [2011.02.13 20:13:35 | 000,296,448 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe [2011.02.13 20:13:26 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\defogger.exe [2011.02.13 20:11:03 | 000,000,286 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe by Larusso - Trojaner-Board.url [2011.02.13 20:10:25 | 000,472,080 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe [2011.02.12 13:31:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm [2011.02.12 13:31:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm [2011.02.12 13:07:11 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2011.02.12 13:02:18 | 000,000,194 | -HS- | M] () -- C:\boot.ini [2011.02.12 12:57:27 | 002,758,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.02.12 12:55:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm [2011.02.12 12:55:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm [2011.02.12 12:54:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.02.12 12:37:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm [2011.02.12 12:37:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm [2011.02.12 12:26:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm [2011.02.12 12:26:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm [2011.02.12 12:19:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm [2011.02.12 12:19:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm [2011.02.12 11:45:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2011.02.12 11:45:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm [2011.02.12 11:29:08 | 000,798,000 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\RegpairSetup_2.0.exe [2011.02.12 10:53:51 | 000,000,324 | -HS- | M] () -- C:\boot.ini.old [2011.02.12 10:27:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2011.02.12 10:27:08 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm [2011.02.12 06:49:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.02.11 19:46:26 | 000,002,544 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2011.02.11 19:46:26 | 000,001,890 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2011.02.11 19:33:12 | 000,002,136 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Windows-Kompatibilitätsbericht.htm [2011.02.09 19:29:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm [2011.02.09 19:29:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2011.02.09 19:22:42 | 000,000,500 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\eBay Verkäufer Kisiru.url [2011.02.09 19:12:28 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Microsoft Office Word 2003.lnk [2011.02.09 18:43:15 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2011.02.07 19:04:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm [2011.02.07 19:04:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm [2011.02.05 09:16:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm [2011.02.05 09:16:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm [2011.02.04 18:58:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm [2011.02.04 18:58:20 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm [2011.01.30 19:06:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm [2011.01.30 19:06:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm [2011.01.30 18:45:44 | 000,429,314 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011.01.30 16:36:47 | 000,000,083 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib [2011.01.30 15:24:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm [2011.01.30 15:24:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm [2011.01.30 13:13:10 | 000,429,314 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110130-184544.backup [2011.01.30 10:13:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm [2011.01.30 10:13:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm [2011.01.30 10:13:42 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Spybot - Search & Destroy.lnk [2011.01.30 09:53:08 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Dokumente und Einstellungen\User\Desktop\setup-spybotsd162.exe [2011.01.29 20:24:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm [2011.01.29 20:24:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm [2011.01.28 22:28:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm [2011.01.28 22:28:03 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm [2011.01.27 16:55:43 | 000,016,072 | ---- | M] () -- C:\WINDOWS\iragabob.dll [2011.01.27 16:55:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Bqosaneyafi.bin [2011.01.27 16:55:01 | 000,016,114 | ---- | M] () -- C:\WINDOWS\owelolel.dll [2011.01.26 19:44:59 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Kbonakihe.dat [2011.01.21 16:22:24 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011.01.16 09:37:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm [2011.01.16 09:37:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm [3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.13 20:45:14 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\User\defogger_reenable [2011.02.13 20:23:41 | 000,000,793 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk [2011.02.13 20:23:32 | 000,000,637 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\NTREGOPT.lnk [2011.02.13 20:23:32 | 000,000,618 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\ERUNT.lnk [2011.02.13 20:13:29 | 000,296,448 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe [2011.02.13 20:13:23 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\defogger.exe [2011.02.13 20:11:03 | 000,000,286 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe by Larusso - Trojaner-Board.url [2011.02.13 20:10:15 | 000,472,080 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe [2011.02.12 13:07:11 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2011.02.12 12:52:57 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011.02.12 11:40:24 | 000,000,324 | -HS- | C] () -- C:\boot.ini.old [2011.02.12 11:28:58 | 000,798,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\RegpairSetup_2.0.exe [2011.02.12 10:04:51 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll [2011.02.12 10:04:48 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe [2011.02.12 09:54:47 | 000,086,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\reslog32.dll [2011.02.12 09:52:06 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2011.02.12 09:52:02 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2011.02.12 09:50:12 | 000,044,105 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys [2011.02.12 09:18:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax [2011.02.11 21:35:38 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll [2011.02.11 21:35:33 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll [2011.02.11 21:35:29 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll [2011.02.11 21:35:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll [2011.02.11 21:35:19 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll [2011.02.11 21:32:13 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll [2011.02.11 21:32:12 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll [2011.02.11 21:32:11 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll [2011.02.11 21:32:07 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll [2011.02.11 21:28:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys [2011.02.11 21:28:27 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys [2011.02.11 21:28:26 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys [2011.02.11 21:28:26 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys [2011.02.11 21:28:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys [2011.02.11 21:28:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys [2011.02.11 21:28:24 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys [2011.02.11 21:28:23 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys [2011.02.11 21:28:21 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys [2011.02.11 21:28:16 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys [2011.02.11 19:33:13 | 000,002,136 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Windows-Kompatibilitätsbericht.htm [2011.01.30 10:13:42 | 000,000,951 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Spybot - Search & Destroy.lnk [2011.01.27 16:55:39 | 000,016,072 | ---- | C] () -- C:\WINDOWS\iragabob.dll [2011.01.27 16:54:58 | 000,016,114 | ---- | C] () -- C:\WINDOWS\owelolel.dll [2011.01.26 19:54:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.01.26 19:44:59 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kbonakihe.dat [2011.01.26 19:44:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Bqosaneyafi.bin [2010.10.29 15:17:41 | 000,000,116 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\default.pls [2010.10.23 19:27:32 | 000,000,010 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\install [2010.10.23 19:23:58 | 000,000,191 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\33498.bat [2010.10.23 19:23:38 | 000,000,191 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\26695.bat [2010.10.23 19:19:20 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log [2010.10.23 19:19:12 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log [2010.10.23 19:16:46 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\googleupdate.log [2010.10.10 18:49:15 | 000,000,083 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib [2010.08.20 17:38:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010.07.04 12:48:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2010.01.08 14:11:41 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\EloOpenOffice.dll [2010.01.08 14:11:41 | 000,158,760 | ---- | C] () -- C:\WINDOWS\System32\ELOComRes.dll [2010.01.08 14:09:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FULINST.INI [2009.06.28 20:17:17 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Winchat.ini [2009.01.07 19:01:44 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll [2008.09.09 19:46:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008.07.25 12:07:48 | 000,000,703 | ---- | C] () -- C:\WINDOWS\System32\iconcfg.ini [2008.06.18 19:26:16 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\dbjavio6.dll [2008.06.18 19:26:14 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\dbauth6.dll [2008.06.18 19:26:08 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Crypkey.ini [2008.06.18 19:26:05 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys [2008.06.18 19:26:05 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll [2008.06.08 08:36:12 | 002,156,960 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\NMM-MetaData.db [2008.04.20 09:48:38 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008.04.18 18:18:57 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\dbodtr6.dll [2008.04.18 18:18:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dbextf50.dll [2008.01.01 09:57:16 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll [2008.01.01 09:57:16 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2007.11.16 14:04:23 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2007.11.16 13:31:56 | 000,000,148 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2007.11.16 13:31:55 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [2007.11.16 13:31:19 | 000,000,657 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2007.11.10 13:46:11 | 000,002,454 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\GdiplusUpgrade_MSIApproach_Wrapper.log [2007.11.10 13:46:11 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini [2007.11.10 13:40:46 | 000,005,931 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log [2007.10.02 18:10:23 | 000,000,133 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini [2007.09.19 04:55:55 | 000,144,384 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.09.09 18:48:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2007.09.09 18:48:26 | 000,002,646 | ---- | C] () -- C:\WINDOWS\BRMFBIDI.INI [2007.09.09 18:47:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\brwmark.ini [2007.09.09 18:47:50 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2007.09.09 18:47:50 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini [2007.09.09 18:46:11 | 000,025,939 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2007.09.09 18:34:17 | 000,000,054 | ---- | C] () -- C:\WINDOWS\miniFaktura.ini [2007.09.09 18:28:23 | 000,002,508 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\$_hpcst$.hpc [2007.09.09 18:10:49 | 000,000,039 | ---- | C] () -- C:\WINDOWS\orgaMAX.ini [2007.09.09 18:03:19 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll [2007.09.07 19:44:46 | 000,000,309 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2007.09.07 19:21:08 | 000,000,485 | ---- | C] () -- C:\WINDOWS\WINCMD.INI [2007.09.07 18:37:57 | 000,000,852 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007.09.07 18:33:13 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL [2007.09.02 08:58:23 | 000,092,426 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini [2007.09.02 08:57:38 | 000,078,549 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini [2007.09.02 08:54:27 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html [2007.09.01 17:41:21 | 000,004,525 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2006.06.06 22:45:15 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\esam.dll [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002.08.08 08:20:40 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\Welsof32.dll [2002.01.08 15:57:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll ========== LOP Check ========== [2008.10.05 16:27:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ACD Systems [2008.10.11 22:50:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis [2010.03.15 14:05:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software [2008.02.10 09:51:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk [2011.01.29 18:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bandoo [2010.01.01 09:46:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth [2010.02.23 18:49:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes [2010.01.08 17:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF [2011.01.28 18:51:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fun4IM [2008.05.24 18:41:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations [2008.05.24 18:38:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia [2008.05.24 18:44:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2010.01.08 18:20:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PFU [2007.09.24 20:02:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simple Star Shared [2010.02.23 18:48:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft [2011.02.13 20:44:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2010.07.12 19:18:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp [2010.07.21 18:29:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.11.14 13:27:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\0C1992492B11925F576462A18B044D41 [2008.10.05 16:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ACD Systems [2008.10.11 22:52:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Acronis [2008.01.22 19:00:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Autodesk [2008.04.20 09:50:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DAEMON Tools Pro [2010.08.20 17:23:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Dekart [2008.08.28 16:40:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Elaborate Bytes [2010.01.08 16:42:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Elo [2011.02.09 19:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Foymfe [2008.01.04 21:02:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\FRITZ! [2009.03.27 19:34:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mobile Master [2008.05.24 18:42:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia [2008.06.08 08:39:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia Multimedia Player [2008.05.11 11:31:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Opera [2010.01.05 18:33:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PaperArchiver [2008.06.07 18:52:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PC Suite [2010.01.08 18:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PFU [2011.02.12 12:09:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Registry Mechanic [2010.07.21 18:40:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SharePod [2007.09.24 20:02:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Simple Star [2008.06.08 08:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SlySoft [2008.05.30 13:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Steinberg [2009.09.07 18:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Subversion [2008.10.03 12:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Supreme Auction [2010.05.28 18:19:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\TomTom [2011.02.12 10:08:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Tygo [2010.12.30 13:01:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\WEB.DE [2011.01.30 01:29:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Zeopyn ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.07.02 17:56:03 | 000,000,000 | RHSD | M] -- C:\acroldr [2010.05.01 12:04:13 | 000,000,000 | ---D | M] -- C:\CloneDVDTemp [2011.02.12 12:55:16 | 000,000,000 | -H-D | M] -- C:\Config.Msi [2010.10.23 19:27:15 | 000,000,000 | ---D | M] -- C:\DBControl [2011.02.12 11:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings [2011.02.12 10:48:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2010.05.22 08:51:53 | 000,000,000 | -HSD | M] -- C:\found.000 [2010.03.17 19:26:56 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.05.27 19:06:05 | 000,000,000 | ---D | M] -- C:\Program Files [2011.02.13 20:44:22 | 000,000,000 | ---D | M] -- C:\Programme [2010.10.23 19:40:35 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2011.01.29 20:24:15 | 000,000,000 | -H-D | M] -- C:\RestorPoint [2010.10.23 19:33:35 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.02.11 19:21:39 | 000,000,000 | ---D | M] -- C:\TEMP [2007.09.07 19:21:27 | 000,000,000 | ---D | M] -- C:\wincmd [2011.02.13 20:43:25 | 000,000,000 | ---D | M] -- C:\WINDOWS [2011.02.12 10:47:27 | 000,000,000 | ---D | M] -- C:\WINDOWS.0 < %PROGRAMFILES%\*.exe > Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2004.08.04 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007.06.13 14:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS.0\explorer.exe [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe [2007.06.13 14:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe < MD5 for: USERINIT.EXE > [2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS.0\system32\userinit.exe [2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe [2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS.0\system32\winlogon.exe [2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-02-12 12:07:12 ========== Alternate Data Streams ========== @Alternate Data Stream - 136 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B63300D1 @Alternate Data Stream - 124 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C8B8CEBD @Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1 < End of report >
Code:
ATTFilter OTL Extras logfile created on: 14.02.2011 07:18:01 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Dokumente und Einstellungen\User\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 177,93 Gb Total Space | 150,80 Gb Free Space | 84,75% Space Free | Partition Type: NTFS
Drive D: | 287,83 Gb Total Space | 259,90 Gb Free Space | 90,29% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.5.Browse] -- "C:\Programme\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe" "%1" (ACD Systems)
Directory [CEWE FOTOSCHAU] -- "C:\Programme\dm\dm Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [dm Fotowelt] -- "C:\Programme\dm\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm-Fotowelt] -- "C:\Programme\dm\dm Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Müller Fotowelt.exe] -- "C:\Programme\Müller Fotowelt\Müller Fotowelt\Müller Fotowelt.exe" "%1" ()
Directory [OnlineFotoservice] -- "C:\Programme\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\wincmd\WINCMD32.EXE" = C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"E:\fsetup.exe" = E:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\TEMP\HP_WebRelease\Setup\HPZnet01.exe" = C:\TEMP\HP_WebRelease\Setup\HPZnet01.exe:*:Enabled:Install Consumer Experience Network Plug in -- (Hewlett-Packard)
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:HP AiO Fax Manager -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:HP OfficeJet Settings Interface -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:HP Fax Setup Wizard -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpospd08.exe" = C:\Programme\HP\Digital Imaging\bin\hpospd08.exe:*:Enabled:HP OfficeJet Speed Dial Interface -- (Hewlett-Packard Co.)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service -- (SiSoftware)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Programme\Nero\Nero8\Nero ShowTime\ShowTime.exe" = C:\Programme\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)
"C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\bin\java.exe" = C:\Programme\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe" = C:\Programme\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe:*:Enabled:Product Key Explorer
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24C606DF-E557-4D18-B45A-F256B1606635}" = VC80
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}" = ACDSee Pro 2.5
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{340695E9-AABC-4BCE-98CC-DFDC20649242}" = Enterprise
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{358A2F50-8885-4EDE-BBB0-130A5834E0B4}" = Visual FoxPro 9.0 Baseline - English
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}" = Opera 9.27
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D19E730-D3C6-47F4-AE4B-DCB26EC2D905}" = Nokia Software Updater
"{5D6EC6F7-9B38-4a02-B063-97C2048B56A2}" = 7200_Help
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{83E58D0D-7FF8-448D-9151-C3EE1BDE8380}" = Falk Navi-Manager
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8EA67542-82B6-4c5c-8AD3-CD36232C1362}" = HP PSC & Officejet 4.7 Corporate Edition
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{924A365C-6727-42B9-91AC-C8C2CAC0B835}" = Falk Navi-Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BAAE963-E16D-4E17-AFE6-1965F5AA0292}" = Visual FoxPro 9.0 Professional - English
"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A7391302-FADF-4314-80DC-C757DAE45178}" = 7200
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AC966B90-53CA-4710-8EEE-57ED25387872}" = 7200Trb
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis True Image Home
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Lite XII.SP1
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8 Ultra Edition HD
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DC226AC9-0314-496C-BE6A-B6A132628466}" = SiSAGP driver
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E782A239-BB9C-419A-A515-368BBEF789C5}" = StarMoney
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"9397EA7527D5597E900F76DDCF42A1DEDCBDC288" = Windows Driver Package - Dekart (DEKART38) SmartCardReader (11/21/2007 1.0.5.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Anti-Twin 2010-12-05 19.05.47" = Anti-Twin (Installation 05.12.2010)
"avast5" = avast! Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Biet-O-Matic v2.4.0" = Biet-O-Matic v2.4.0
"CCleaner" = CCleaner
"dm Fotowelt" = dm Fotowelt
"dm-Fotowelt" = dm-Fotowelt
"ERUNT_is1" = ERUNT 1.1j
"FreePDF_XP" = FreePDF (Remove only)
"FRITZ!DSL" = AVM FRITZ!DSL
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"miniFaktura_is1" = miniFaktura 5.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Müller Fotowelt" = Müller Fotowelt
"Nero PhotoShow Express 5" = Nero PhotoShow Express 5
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"OnlineFotoservice" = OnlineFotoservice
"orgaMAX_is1" = orgaMAX 6.0
"RealAlt_is1" = Real Alternative 1.7.5
"SiS VGA Driver" = SiS VGA Utilities
"TomTom HOME" = TomTom HOME 2.8.0.2146
"UltraISO_is1" = UltraISO V7.25 ME
"Visual FoxPro 9.0 Professional - English" = Microsoft Visual FoxPro 9.0 Professional - English
"VLC media player" = VideoLAN VLC media player 0.8.6c
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wincmd" = Windows Commander (Remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinISO_is1" = WinISO 5.3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"xp-AntiSpy" = xp-AntiSpy 3.96-2
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 05.02.2009 16:05:12 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 29.07.2009 09:37:05 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 29.07.2009 10:37:05 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 12.08.2009 02:13:00 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 12.08.2009 02:23:01 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 12.08.2009 03:03:01 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 12.08.2009 03:13:01 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 12.08.2009 13:07:28 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 07.10.2009 07:22:14 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
Error - 21.11.2009 08:00:46 | Computer Name = PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 11.02.2011 14:39:43 | Computer Name = PC | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The connection with the server was terminated
abnormally .
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 11.02.2011 20:19:34 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 12.02.2011 05:19:33 | Computer Name = PC | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung svchost.exe, Version 0.0.0.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 12.02.2011 05:21:41 | Computer Name = PC | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 00536409.
Error - 13.02.2011 15:49:36 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
[ System Events ]
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Nero BackItUp Scheduler 3" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "PLFlash DeviceIoControl Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Autodata Limited License Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Pml Driver HPZ12" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Crypkey License" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AVM IGD CTRL Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "SoundMAX Agent Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 13.02.2011 15:16:56 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NMIndexingService" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 13.02.2011 15:16:56 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Acronis Nonstop Backup service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
< End of report >
|
|
22.02.2011, 09:07
| #6 |
| | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. Kann mir hierzu keiner helfen? Oder soll ich die Logdatei von HijackThis einstellen, was aber ja nicht mehr gemacht werden sollte laut Larusso.. Wäre echt dankbar! |
|
22.02.2011, 13:39
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..Zitat:
 Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.02.2011, 14:35
| #8 |
| | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. Hallo und danke für die Info. Hab es aber genau so gemacht, wie Larusso es in seiner Anleitung hier im Bereich "Hijacker / HiJackThis Logs posten" verlangt hat. Man solle ja nicht mehr die HiJackthis-Log`s posten sondern diese einzelnen Programme nehmen.. Wollte jetzt nur wissen, ob ihr an den Log`s sehen könnt, ob da noch was versteckt in meinem System schlummert.. Sorry, kenne mich da nicht ganz so gut aus damit.. Danke auf jeden Fall für jegliche Info.. |
|
22.02.2011, 15:34
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. Und ich hab dich gebeten einen Vollscan zu machen! Also mach es bitte und auch das andere was ich gepostet habe!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. |
| administrator, anti-malware, autostart, avast, booten, dateien, desktop, einstellungen, explorer.exe, image, logfiles, malware, malwarebytes, microsoft, programme, required, software, spybot, startet, system, system32, taskmanager, trojan.agent, trojan.fakealert, trojaner, wallpaper |
Linear-Darstellung
